Thread: The technical proof please.

  1. #1
    Join Date
    Jul 2003

    The technical proof please.

    Again we have news items about naughtiness on the internet! How do they know? Code looks the same to me wherever it comes from. Do they find REM statements in the Russian language or something? News outlets are going to have to bite the bullet and ask for more details to show us. It is possible to explain the stuff to us technical folk I am sure.

  2. #2
    Join Date
    Jul 2003
    Perhaps I should have posted this yearning in the coder section but I might not understand any responses.

  3. #3
    Join Date
    May 2005
    Quote Originally Posted by peteshimmon View Post
    Perhaps I should have posted this yearning in the coder section but I might not understand any responses.
    What was the incident that prompted your post? Do you have a link?

  4. #4
    Join Date
    Aug 2006
    Agree. Without context, I am at a loss too.

  5. #5
    Join Date
    Feb 2006
    Maybe this?

    Alert (TA18-106A)
    Russian State-Sponsored Cyber Actors Targeting Network Infrastructure Devices
    Original release date: April 16, 2018 | Last revised: April 18, 2018
    This joint Technical Alert (TA) is the result of analytic efforts between the Department of Homeland Security (DHS), the Federal Bureau of Investigation (FBI), and the United Kingdom’s National Cyber Security Centre (NCSC). This TA provides information on the worldwide cyber exploitation of network infrastructure devices (e.g., router, switch, firewall, Network-based Intrusion Detection System (NIDS) devices) by Russian state-sponsored cyber actors. Targets are primarily government and private-sector organizations, critical infrastructure providers, and the Internet service providers (ISPs) supporting these sectors.

  6. #6
    Join Date
    May 2008
    The Netherlands
    You want technical details of hacks? You could go to and read up on the challenges, and the verbose descriptions of how the winners did things. Then come back and tell us if you think such detail is what the public can stomach without switching channels to some mindless but nice TV show.

    eta: that's a nice link, Selden, thanks.
    "Dumb all over, a little ugly on the side." -- Frank Zappa
    "Your right to hold an opinion is not being contested. Your expectation that it be taken seriously is." -- Jason Thompson
    "This is really very simple, but unfortunately it's very complicated." -- publius

  7. #7
    Join Date
    Jul 2005
    There are lots of blogs and books about this - I occasionally glean something comprehensible from the Wordfence blog.
    The code and its annotations may show characteristic features suggesting where and in what language it was written - but that's not reliable, since cyberattackers often use bits of code lifted from various hacker toolkits.
    The metadata attached to the malware may give information about the sort of machine on which it was compiled, including keyboard settings - but these may be misdirections.
    The main tool seems to involve actually monitoring an attack while it develops, to see where packets are coming from, and where they're going - but these may be faked, and will likely originate from an intermediate botnet of hacked computers which have previously been subverted by the bad guys, and which then need to be examined in turn.

    All this is compared to previous patterns of activity, previous malware files, and previous hacker "tells", which taken together provide a sort of digital forensic fingerprint that may help identify related fingerprints.

    But because cyberattackers can spoof every stage of the attack, it's very difficult to trace them back. I suspect the actual techniques used to finger these state-sponsored activities are both incomprehensible to mere mortals and deeply embedded in layers of secrecy by NSA, GCHQ, etc.

    Grant Hutchison
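
As an added illustration of the compile-time metadata and "previous patterns" mentioned in post #7 (this code is not from any poster or from the alert), the sketch below reads the target machine type and linker timestamp from a Windows PE header and tallies build hours across samples. The sample bytes are constructed, the helper names are hypothetical, and values that cannot be genuine are flagged rather than trusted.

```python
import struct
from collections import Counter
from datetime import datetime, timezone

MACHINES = {0x014C: "x86", 0x8664: "x64"}  # COFF Machine values

def build_sample(ts, machine=0x8664):
    """Constructed stand-in for a PE file: DOS header plus COFF header only."""
    dos = b"MZ" + b"\x00" * 58 + struct.pack("<I", 64)  # e_lfanew lives at 0x3C
    coff = struct.pack("<HHIIIHH", machine, 0, ts, 0, 0, 0, 0)
    return dos + b"PE\x00\x00" + coff

def compile_metadata(data, now=None):
    """Return machine type and linker timestamp from the COFF header."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("not a PE file")
    (pe_off,) = struct.unpack_from("<I", data, 0x3C)
    if data[pe_off:pe_off + 4] != b"PE\x00\x00":
        raise ValueError("missing PE signature")
    machine, _sections, ts = struct.unpack_from("<HHI", data, pe_off + 4)
    built = datetime.fromtimestamp(ts, timezone.utc)
    now = now or datetime.now(timezone.utc)
    # The field is plain data in the file, so treat impossible values as suspect.
    suspect = ts == 0 or built > now
    return {"machine": MACHINES.get(machine, hex(machine)),
            "built": built, "suspect": suspect}

def build_hours(samples):
    """Histogram of UTC build hours across samples, skipping suspect ones."""
    hours = Counter()
    for blob in samples:
        meta = compile_metadata(blob)
        if not meta["suspect"]:
            hours[meta["built"].hour] += 1
    return hours

def _ts(day, hour):
    return int(datetime(2018, 4, day, hour, tzinfo=timezone.utc).timestamp())

# Constructed samples: four plausible build times and one zeroed timestamp.
SAMPLES = [build_sample(_ts(d, h)) for d, h in [(3, 6), (4, 7), (5, 6), (9, 13)]]
SAMPLES.append(build_sample(0))

if __name__ == "__main__":
    for hour, count in sorted(build_hours(SAMPLES).items()):
        print(f"{hour:02d}:00 UTC  {'#' * count}")
```

A cluster of build hours is only a weak hint about a working day and time zone; as the post says, such fields may be misdirections, so the result is one input among many rather than proof.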
